RSAC2017: Security implications of blockchain

As companies cultivate blockchain smarts, Thomas Keenan, Professor at University of Calgary highlights the security implications of non-financial uses of blockchain at the RSA Security Conference 2017.

Banks may become the early adopters of the blockchain technology. Recently, State Bank of India (SBI) has taken the initiative to spearhead India’s first Blockchain exploration consortium for banks – something that we predicted a week before this news was announced.
Businesses are beginning to discover the benefits of deploying blockchain technology. According to Thomas Keenan, Professor at University of Calgary, the four reasons of why businesses love blockchain includes a) enables direct ownership b) speed and efficiency of transactions c) automation d) certainty, proof of existence.
There has been a surge in the number of blockchain pilots running at different organizations. Keenan lists down four companies from different verticals that are having a go at the blockchain technology. Ascribe GmbH is securing limited edition art prints using blockchain. Honduras government aims to corruption-proof land titles. Greats, is a Brooklyn-based sneaker manufacturer that is using blockchain smart tags to thwart counterfeiters.
Cover Story: Breaking down blockchain
However, there are security implications of blockchain that are not restricted only to financial institutions. Even non-financial organizations need to develop the blockchain readiness for the future. As companies cultivate blockchain smarts, Keenan highlights the security implications of non-financial uses of blockchain at the RSA Security Conference 2017.
"When more that 51% of the computing power is controlled by an entity, it can effectively certify false transactions," notes Keenan. He quotes this whitepaper where researchers Matthew Green and Ian Miers explore privacy in the context of micropayments channels and outline a new scheme, known as bolt, which they believe will provide "private, instantaneous, anonymous payments".
And therefore, he concludes that blockchain may not be as anonymous as cash, but is more anonymous than most other payment methods.
And this anonymity could become the primary reason for its insecurity and the ecosystem that supports it. Keenan says, "While blockchain is resisted to tampering, support systems are just as vulnerable as any others to hacking, programmable errors, malware, etc."
While the associated risks of the core technology are manageable, Keenan warns, danger awaits the ecosystem around blockchain.